This listing of claims will replace all prior versions, and listings, of claims in the application:




LISTING OF CLAIMS



(previously presented) A method for maintaining a security profile throughout nested service 
invocations on a distributed, component-based system, comprising the steps of: 

(a) providing interconnections between distributed components each having nested 
service invocations; 

(b) identifying a user; 

(c) associating the user with roles; 

(d) creating a user context instance upon successful identification of the user, wherein the 
user context instance includes information about the user including the roles and a 
unique user identifier; 

(e) receiving a request from the user to invoke a first service on a first component, 
wherein the first component invokes a second service of a second component such 
that the user context instance is passed as a parameter from the first component to the 
second component, and wherein completion of the second service is necessary to 
complete the first service; 

(f) querying the user context instance for the unique user identifier; 

(g) comparing the unique user identifier in the user context instance with an access 
control list for verifying that the user has access to the first component; and 

(h) comparing the unique user identifier in the user context instance with an access 
control list for verifying that the user has access to the second service of the second 
component. 
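
The steps of this claim can be sketched in code. The following is an added example, not part of the application or of any implementation by the applicant; the component names (`Orders`, `Inventory`), service names and user identifiers are hypothetical. It shows the user context instance travelling as a parameter through a nested invocation, with each component checking its own access control list, and a denial at the second component failing the first service.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class UserContext:
    """Created once, after the user is identified (step d)."""
    user_id: str                   # unique user identifier
    roles: frozenset = frozenset()

class AccessDenied(Exception):
    pass

class Component:
    def __init__(self, name, acl, audit):
        self.name = name
        self.acl = acl             # service name -> set of permitted user ids
        self.audit = audit         # shared record of every access decision

    def authorize(self, ctx, service):
        # Steps (f)-(h): query the context for the identifier and compare
        # it with this component's ACL. Unknown services are denied.
        allowed = ctx.user_id in self.acl.get(service, set())
        self.audit.append((ctx.user_id, self.name, service, allowed))
        if not allowed:
            raise AccessDenied(f"{ctx.user_id} -> {self.name}.{service}")

class Inventory(Component):        # hypothetical second component
    def reserve(self, ctx, item):
        self.authorize(ctx, "reserve")
        return f"reserved {item} for {ctx.user_id}"

class Orders(Component):           # hypothetical first component
    def __init__(self, name, acl, audit, inventory):
        super().__init__(name, acl, audit)
        self.inventory = inventory

    def place_order(self, ctx, item):
        self.authorize(ctx, "place_order")
        # Step (e): nested invocation; the same context is passed as a
        # parameter, and the first service cannot complete without it.
        receipt = self.inventory.reserve(ctx, item)
        return f"order placed ({receipt})"

def build_system():
    """Constructed sample wiring: u-2002 may order but may not reserve."""
    audit = []
    inventory = Inventory("inventory", {"reserve": {"u-1001"}}, audit)
    orders = Orders("orders", {"place_order": {"u-1001", "u-2002"}},
                    audit, inventory)
    return orders, audit
```

Because the second component re-checks the identifier itself instead of trusting the caller, a user permitted on the first component but absent from the second component's list is stopped at the nested call, and the audit record shows which hop denied the request.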






2. (original) A method as recited in claim 1, further comprising the step of logging all user
interactions.






3. (previously presented) A method as recited in claim 1, further comprising the step of
modifying a user interface to provide access to actions that can be performed by the user based on the
unique user identifier and the roles associated with the user.




(canceled) 

(currently amended) A method as recited in claim [[4]] 1, wherein the first service invoked
associates any objects created, updated, or deleted as a result of the invocation of the first service
with the user context instance.



(original) A method as recited in claim 1, wherein the user context instance encapsulates
security certificates of the user.



(previously presented) A computer program embodied on a computer readable medium for
maintaining a security profile throughout nested service invocations on a distributed, component- 
based system, comprising: 

(a) a code segment that provides interconnections between distributed components each 
having nested service invocations; 

(b) a code segment that identifies a user; 

(c) a code segment that associates the user with roles; 

(d) a code segment that creates a user context instance upon successful identification of 
the user, wherein the user context instance includes information about the user 
including the roles and a unique user identifier; 

(e) a code segment that receives a request from the user to invoke a first service on a first
component, wherein the first component invokes a second service of a second
component such that the user context instance is passed as a parameter from the first 
component to the second component, and wherein completion of the second service is 
necessary to complete the first service; 

(f) a code segment that queries the user context instance for the unique user identifier; 

(g) a code segment that compares the unique user identifier in the user context instance 
with an access control list for verifying that the user has access to the first 
component; and 

(h) a code segment that compares the unique user identifier in the user context instance 
with an access control list for verifying that the user has access to the second service 
of the second component. 

(original) A computer program as recited in claim further comprising a code segment that
logs all user interactions.

(previously presented) A computer program as recited in claim further comprising a code
segment that modifies a user interface to provide access to actions that can be performed by the user
based on the unique user identifier and the roles associated with the user.

(canceled) 

(currently amended) A computer program as recited in claim [[10]] wherein the first
service invoked associates any objects created, updated, or deleted as a result of the invocation of the
first service with the user context instance.




(original) A computer program as recited in claim wherein the user context instance
encapsulates security certificates of the user.



(previously presented) A system for maintaining a security profile throughout nested service 
invocations on a distributed, component-based system, comprising: 

(a) logic that provides interconnections between distributed components each having 
nested service invocations; 

(b) logic that identifies a user; 

(c) logic that associates the user with roles; 

(d) logic that creates a user context instance upon successful identification of the user,
wherein the user context instance includes information about the user including the
roles and a unique user identifier;

(e) logic that receives a request from the user to invoke a first service on a first 
component, wherein the first component invokes a second service of a second 
component such that the user context instance is passed as a parameter from the first 
component to the second component, and wherein completion of the second service is 
necessary to complete the first service; 

(f) logic that queries the user context instance for the unique user identifier; 

(g) logic that compares the unique user identifier in the user context instance with an
access control list for verifying that the user has access to the first component; and

(h) logic that compares the unique user identifier in the user context instance with an 
access control list for verifying that the user has access to the second service of the 
second component. 




(original) A system as recited in claim 13, further comprising logic that logs all user
interactions.

(previously presented) A system as recited in claim further comprising logic that
modifies a user interface to provide access to actions that can be performed by the user based on the
unique user identifier and the roles associated with the user.

(canceled) 

(currently amended) A system as recited in claim [[16]] wherein the first service
invoked associates any objects created, updated, or deleted as a result of the invocation of the first
service with the user context instance.

18. (original) A system as recited in claim wherein the user context instance encapsulates
security certificates of the user.